According to Google PlayStore, apps that contain or feature user-generated content (UGC), which include platforms like Twitter, Facebook, and Threads, must implement robust, effective, and ongoing UGC moderation. Google describes UGC as the content which is contributed to an app by users and which is accessible by “at least a subset of the app's users”.
So... All XMPP and email apps on Google play are in violation of this and Google just hasn't noticed yet?
MSavoritias (fae,ve): there are several ways to do RPC with XMPP. XML-RPC, ad hoc commands, or custom iqs. Of course soap is also possible but that's never been specced I think?
I think the existing lan P2P xep was an interesting historical thing from the distant past where you didn't need encryption and could use local network discovery etc etc, but is pretty obsolete today
So you're saying advertise real jid via avahi? IIRC the xep does have a provision for that. That requires internet and exposes your JID but you're correct neither of those is an obstacle for me generally
Hmm well you need to come up with a good way to authenticate the connections, if you are talking client-to-client they don't have ways to generate certs each other can trust yet
Sharing public key hashes over OMEMO or similar would work
i could see it useful in an organisational setting but typically corporations will be hosting a server anyway, so most use cases even for that are kinda meh
i could see it useful in an organisational setting but typically corporations will be hosting a server anyway, so most use cases even for that are kinda meh
And few organizations have everyone in the same building on the same network
zash: sorry to inform you but your browser is unsupported next month, we need to change random UI elements to confuse the hell out of you when you come back into the office
There is nothing in any of these standards that would
prevent me from including a 1 gigabit MPEG movie of me
playing with my cat as one of the RDN components of the DN
in my certificate.
-- Bob Jueneman on IETF-PKIX
Now I can't stop thinking about this
What's the advantage over DNS?
Having thought about it for 2 minutes, it could be a solution for hosting XMPP servers securely without domain names or DNS without resorting to Tor
What's the advantage over DNS?
Having thought about it for 2 minutes, it could be a solution for hosting XMPP servers securely without domain names or DNS without resorting to Tor
Yes. Records will have similar advantage as a .torrent. It would be pretty cool
but with omemo
i'm experiencing some terrible omemo bug with Profanity atm... to the point i'm for now only using Conversation so not too sure on this one.
Tor is great but the downside is it's a bit too slow for calls etc, doing something like this could give us the security of onion domains but over clearnet (and obviously lose the Privacy of Tor too)
i think you misunderstand that "onion names" are useless on their own, they leverage tor dirauths to actually look up the hidden service location within the tor network (well, its tunnels)
Anyway, my point was just that DNS can probably be made to work in most cases and when not there are a bunch of existing solutions depending on goals. I don't think we need to invent or spec anything
i mean, all this discussion is useful especially if we start talking about encrypted layer-3 transits such as cjdns, yggdrasil, even some vpn like dn42 or anonet
well the latter still require tls for transit encryption nvm
former two are perfect examples though, everyone can "directly" (i.e. no nat bullshit) connect to everyone else in the network, encrypted and verified by the ip address (pubkey) alone